Industrial Internet Consortium Releases Endpoint Security Best Practices White Paper


Security comes first to mind whenever we begin discussing connecting things in an industrial setting. And, of course, nothing connects things like the Industrial Internet of Things (IIoT). One place we often fail to consider in our security planning is at the endpoint of the network. Organizations and companies have been providing valuable assistance to developers by releasing best practices white papers. Here is one from a leading Industrial Internet organization.

The Industrial Internet Consortium (IIC) announced publication of the Endpoint Security Best Practices white paper. It is a concise document that equipment manufacturers, critical infrastructure operators, integrators and others can reference to implement the countermeasures and controls they need to ensure the safety, security and reliability of IoT endpoint devices. Endpoints include edge devices such as sensors, actuators, pumps, flow meters, controllers and drives in industrial systems, embedded medical devices, electronic control units, vehicle control systems, as well as communications infrastructure and gateways.

“The number of attacks on industrial endpoints has grown rapidly in the last few years and has severe effects. Unreliable equipment can cause safety problems, customer dissatisfaction, liability and reduced profits,” said Steve Hanna, IIC white paper co-author, and Senior Principal, Infineon Technologies. “The Endpoint Security Best Practices white paper moves beyond general guidelines, providing specific recommendations by security level. Thus, equipment manufacturers, owners, operators and integrators are educated on how to apply existing best practices to achieve the needed security levels for their endpoints.”

The paper explores one of the six functional building blocks from the IIC Industrial Internet Security Framework (IISF): Endpoint Protection. The 13-page white paper distills key information about endpoint device security from industrial guidance and compliance frameworks, such as IEC 62443, NIST SP 800-53, and the IIC IISF.

Equipment manufacturers, industrial operators and integrators can use the Endpoint Security Best Practices document to understand how countermeasures or controls can be applied to achieve a particular security level (basic, enhanced, or critical) when building or upgrading industrial IoT endpoint systems. They can determine the level they need through risk modeling and threat analysis.

“By describing best practices for implementing industrial security that are appropriate for agreed-upon security levels, we’re empowering industrial ecosystem participants to define and request the security they need,” said Dean Weber, IIC white paper co-author, and CTO, Mocana. “Integrators can build systems that meet customer security needs and equipment manufacturers can build products that provide necessary security features efficiently.”

While the white paper is primarily targeted at improving the security of new endpoints, the concepts can be used with legacy endpoints by employing gateways, network security, and security monitoring.

The full Endpoint Security Best Practices white paper and a list of IIC members who contributed can be found on the IIC website.

Industrial Internet of Things Integral Part of Industry of Things Conference


The Industry of Things World USA conference in San Diego in its third year is becoming a premier Internet of Things (IoT) event in the US. Organized by weConnect in Berlin, Germany, it attracts a few hundred attendees, excellent speakers, and me (of course). The organizers leverage worldwide contacts–organizing similar events in Berlin and Singapore. They also have similar events in other technology areas.

Topics cover a range of IT and OT subjects. I make sure to get to the OT people who are here. This is a quick recap of what I’ve seen so far.

Charlie Gifford spoke at a breakout session on ISA95. He updated us on the latest changes proposed to the standard. His other focus was to promote event-driven architecture. He suggested that we build a library of operations events such that when an event occurs information about the change with the updated data is broadcast to subscribers. This is a great bandwidth saving over continuous point-to-point connections. He is also concerned with how to interconnect the many existing databases within a plant or production location.

Jagannath Rao, SVP of IoT and MindSphere for Siemens, discussed the evolution of MindSphere and its latest incarnation. Key point–Siemens has committed to openness–providing for open APIs especially in its MindSphere platform and adoption of open technologies such as OPC UA.

MindSphere v 2 enabled people to go out and do Proof of Concept (PoC) projects. From these Siemens could determine what customers were interested in and what the problems were that they were trying to solve. This all fed back into the product development process leading to the recent release of v 3.

V3, now a product, builds on open technologies–open being the key word. The platform moved from SAP Leonardo to Amazon Web Services (AWS) providing a more robust cloud experience. AWS is an Infrastructure as a Service, while MindSphere is a Platform as a Service containing open APIs and data models. The next step on the journey is for Siemens to build out an ecosystem of 3rd party applications.

When asked about TSN, Rao also brought up 5G, both of which point out the importance of the Edge for initial processing of IoT data. Siemens is preparing for this next step; for example, its Sinumerik Edge contains much analytics power, and then the ability to communicate information, not just vast streams of data.

OPC vice president of marketing Stefan Hoppe, during his breakout session, discussed the acceptance of OPC UA in industry and the power of the release of publish/subscribe with OPC UA. His strong discussion point was to emphasize that OPC UA is not a protocol. It is an information model. It uses protocols (AMQP, MQTT, DDS, JavaScript, whatever) to communicate the information from one device to another (or many). Proponents of a protocol who suggest that a protocol is superior to OPC UA miss the point that it’s not a protocol but actually an information model.

One key potential misunderstanding…Hoppe’s presentation made OPC appear to be German-centric and tied to the German Industrie 4.0. We need to keep in mind that the OPC Foundation Board is only 33% German, and that OPC UA lends itself to the digitalization efforts of any of the countries developing standards. It has become the official communication technology for many standardization efforts including the Open Process Automation Forum. It is truly global.

Lin Nease, IoT technologist at Hewlett Packard Enterprise, chatted with me at a one-on-one meeting about the edge and the power of Xeon server technology in its edge devices as well as software-defined control. I think I’ll be seeing more from HPE as it builds out its IoT infrastructure.

OPC Foundation Cites Advancements at Recent ARC Forum


The OPC Foundation was active during the recent ARC Industry Forum in Orlando as a Platinum Sponsor and held a press conference. With OPC UA released and in use and publish/subscribe about to be released, OPC Foundation’s emphasis has been on companion specifications. It had a joint press conference with the FieldComm Group to discuss its joint working group and then released news of a companion specification with Ethernet Powerlink. The last release, something I was able to work on in pre-release review, concerns a study with ARC Advisory Group on adoption of the UA specification.

Below are some details. More at the Foundation website.

OPC and FieldComm

The OPC Foundation and FieldComm Group announced an alliance to advance process automation system multi-vendor interoperability and simplified integration by developing a standardized process automation device information model.

A joint working group between OPC Foundation and FieldComm Group, tasked with developing a protocol independent companion specification for process automation devices, was formed in late 2017. The goal of the working group is to leverage the extensive experience of FieldComm Group with the HART and FOUNDATION Fieldbus communication protocols to standardize data, information, and methods for all process automation devices through FDI using OPC UA. The OPC UA base information model and companion Device Information (DI) specification will be extended to include the generic definition and information associated with process automation devices.

The OPC Foundation and FieldComm Group have worked together for over a decade, initially working on the development of the EDDL specification and most recently on the creation of FDI technology.

“FDI provides the new standard for device integration to deliver a protocol independent path to configuration, diagnostics and runtime operation for process devices,” states Ted Masters, President and CEO of FieldComm Group. “The partnership between OPC Foundation and FieldComm Group further builds upon the common information model of both to deliver process automation data in context which is the key to enabling value from enterprise systems and analytics. The 350+ suppliers of devices and applications that are members of FieldComm Group have an opportunity to benefit from the key initiative to develop a standard process automation information model by their adoption of FDI and OPC UA technologies.”

“I’m excited that the OPC Foundation and FieldComm Group are working together on this important initiative, and will be partnering with other organizations, end-users and suppliers to make the dream of a standardized process automation device information model a reality. This is truly a breakthrough in our industry that will provide significant operational benefits across all points of the value chain,” states Thomas J. Burke, OPC Foundation President and Executive Director.

“This important collaboration will provide a solid foundation for standardization of devices that will serve as the base infrastructure for the numerous other collaborations that the OPC Foundation is doing across international boundaries,” says Stefan Hoppe, OPC Foundation Global Vice President.

The joint working group plans to release an extensible, future-proof process automation information model specification during the first quarter of 2019.

OPC and Powerlink

An OPC UA companion specification is now available for POWERLINK according to a joint announcement by the OPC Foundation and the Ethernet POWERLINK Standardization Group (EPSG). The companion specification describes how payload data is exchanged between POWERLINK and any OPC UA platform. The result is integrated communication from the sensor to the cloud.

“As technologies, OPC UA and POWERLINK complement each other perfectly,” emphasized Thomas Burke, President of the OPC Foundation, in his announcement. “POWERLINK is among the leading real-time bus systems used in plants and machinery. Together with OPC UA, POWERLINK networks can now communicate seamlessly and securely with the IT environment and into the cloud.”

“This specification allows OPC UA and POWERLINK to fuse into a single network,” added Stefan Schönegger, Managing Director of the EPSG. “We’re then able to join devices from different manufacturers and across different levels of the automation pyramid into a single, cohesive system.”

A joint working group between the OPC Foundation and the EPSG had been working on the specification since 2016. The document can be downloaded from the OPC Foundation website.

OPC UA Adoption

OPC Foundation announced today the release of an in-depth ARC Advisory Group report on the important role the OPC data connectivity standards play in control automation today and in future IIoT and Industrie 4.0 based solutions.

Key ARC report findings confirmed that with an estimated global install base of over 45 million units, OPC is the de facto standard for open data connectivity and that OPC UA is well positioned to serve as the next data connectivity foundation for control automation applications in traditional industrial settings and new ones like building automation, transportation, and others. Key contributing factors to the continued success of OPC UA included the scalability, performance, and robustness of the technology and the large community of end-users, vendors, and other standards bodies actively working with the OPC Foundation to best utilize OPC UA in their applications.

According to Thomas Burke, OPC Foundation president, “the [ARC report] findings accurately reflect what we [OPC Foundation] have been seeing from an adoption and collaboration point of view. I highly recommend reading this ARC report for a high level perspective of what OPC UA is doing in the market and the future of data connectivity.”

Commenting on the popularity of the OPC UA standard, Mr. Burke explained, “OPC UA has something to offer for everyone from end-users and product vendors to other standards bodies. After people look at what is really out there as far as a single standard that has the scalability, performance, and flexibility to meet the challenges of modern data connectivity and interoperability and has the reputation and a large enough adoption base needed to make it a safe investment – they come to realize OPC UA is the real deal.”

“OPC technology has become a de facto global standard for moving data from industrial controls to visualization up to MES/ERP and IT cloud levels”, according to Craig Resnick, Vice President, ARC Advisory Group. “The rapid expansion of OPC UA in automation, IIoT, and into new, non-industrial markets suggests that OPC will remain an important technology for multivendor secured interoperability, plant floor-to-enterprise information integration, and a host of other applications yet to be envisioned.”

Digital Transformation Council


Digital Transformation has generated so much news that company executives have begun ordering projects and task forces within the company to begin that transformation. The pressure on engineers and IT people increases with each new directive. To help clients deal with these new directives, ARC Advisory Group launched the Digital Transformation Council (DTC) at its 2018 Forum.

The council is a member community for industry, energy, and public-sector professionals. Membership is by invitation only and restricted to end users of digital transformation technology, such as professionals working for manufacturers, utilities, and municipalities. There is no fee to join.

“As data-driven market disruption grows, professionals across similar industries need to connect and learn from one another,” according to Jesus Flores-Cerrillo, Associated R&D Director at Praxair, one of the world’s largest providers of industrial gases. He added, “It’s becoming mission-critical to understand how to use data to develop services and products and optimize operations and assets. That can only be accomplished by understanding the possibilities provided by modern data tools such as artificial intelligence, machine learning, and digital twins.”

“We are delighted to support the Digital Transformation Council by bringing members together in person and online,” commented Greg Gorbach, Vice President at ARC Advisory Group. “This community will enable individuals and companies to get up to speed quickly on digital transformation innovations and share ideas about what provides value and what doesn’t.”

Each February, a member-only meeting, anchored to the annual ARC Industry Forum, will bring the Council together to set the focus and agenda for the coming year. Members will also gather via virtual quarterly meetings to discuss research findings, activities, and other topics.

In addition to annual in-person meetings and quarterly virtual meetings, Digital Transformation Council members will have year-round access to research and fellow members via an online community. ARC Advisory Group’s role will be to conduct research, organize meetings, provide venues, and facilitate peer-to-peer discussions. ARC will also deliver technical support for the group’s online presence.

The DTC will address topics such as analytics, industrial Internet of Things (IIoT), artificial intelligence and machine learning, cybersecurity, and additive manufacturing.

Industrial Technology Supplier State of the Business


A tale of the business state of two industrial technology supplier companies–GE and ABB.

This is a great article tracing the heritage and woes of GE. While the company is still strong in all the basic industrial categories, its moves deeper into financial and entertainment industries have cost it dearly. Not to mention decades of financial sleight-of-hand. When I was at Minds + Machines last fall, I wondered if this might be the last. The new CEO hinted at changes in GE Digital at the conference. Shortly afterwards, the shoe dropped. GE Digital was to be essentially gutted. No more grandiose plans for a huge software platform that would be the solution of everything digital. Smaller applications and partnerships were to be the new direction. There will be some GE people at ARC this week; I’ll see what else I can learn.

Meanwhile, ABB released its full year 2017 financial results. It has been in the midst of restructuring since Ulrich Spiesshofer assumed the reins in 2013 succeeding GE alum Joe Hogan. ABB touts its progress in this report.


“In the transition year 2017, we shaped a streamlined and strengthened ABB. Now, our digital-first portfolio for customers in utilities, industry and transport and infrastructure is based on two clear value propositions: bringing electricity from any power plant to any plug, and automating industries from natural resources to finished products,” said Spiesshofer. “The annual results include the dampening effect of our massive transformation. With our targeted actions to shift our center of gravity, we have improved competitiveness, addressed higher-growth segments and de-risked ABB. We delivered four consecutive quarters of increasing base-order growth. The momentum we have built in 2017 positions us for profitable growth as the global markets are improving. Today’s proposal to increase the dividend for the 9th consecutive year demonstrates our confidence in the future.”

Full-year 2017 Group Results

ABB delivered a steady financial performance in 2017 despite market headwinds and its ongoing transformation. Total orders were steady (steady in US dollars). Base-order growth (base orders are classified as orders below $15 million) showed increasing momentum each quarter, and for the full year increased 5 percent (6 percent in US dollars), mitigating the effect of lower large orders. The large order share of total orders in 2017 was 8.5 percent, versus 13.5 percent in 2016, in part as a consequence of ABB’s business model shift. Total service orders grew 8 percent (8 percent in US dollars) to 20 percent of total group orders.

The order backlog at the end of December 2017 was $22,414 million, 4 percent lower (2 percent in US dollars) compared with the prior year. The book-to-bill ratio was 0.97x for 2017, compared with 0.99x in 2016.

Revenues improved 1 percent (1 percent in US dollars) to $34,312 million, with positive contributions from Electrification Products and Robotics and Motion more than offsetting the declines in Industrial Automation and Power Grids. Total services revenues grew 3 percent (3 percent in US dollars) and now stand at 18 percent of total group revenues.

ABB executed on its Next Level strategy throughout 2017. The company launched ABB Ability, its digital solutions offering, and continued to invest in digital, sales, branding and research & development. It delivered strong cost savings in White Collar Productivity and supply chain/operational excellence and completed or announced a number of important transactions. It continued to de-risk its portfolio by divesting non-core businesses, and taking actions to implement its EPC (Engineering, Procurement and Construction) business model change. These activities impacted full year results. The company’s operational EBITA declined 2 percent (1 percent in US dollars) to $4,130 million, inclusive of approximately $140 million of charges related to the EPC businesses. The reported operational EBITA margin was 12.1 percent, 30 basis points lower due to charges related to the EPC businesses and would have been steady without these charges.

Net income in 2017 rose 17 percent compared with the previous year to $2,213 million, reflecting primarily lower transformation-related restructuring and restructuring-related expenses and net gains recorded on the business divestments in the year. Basic earnings per share grew 17 percent to $1.04. Operational EPS was $1.25, 1 percent lower in constant currency.

Cash flow from operating activities was steady compared with 2016 at $3,799 million for the full year. ABB continued to benefit from improvements in net working capital which generated approximately $600 million of cash during 2017. Net working capital as a percentage of revenue was reduced to 11.3 percent, a 10 basis point improvement year on year. Capital expenditures for the group were $949 million during 2017. Free cash flow of $2,926 million was 5 percent lower than 2016 and the company’s cash return on invested capital (CROI) was 12.4 percent, mainly impacted by the acquisition of B&R.

Greater Investment In Autonomous Vehicles For Manufacturing Than Passenger


Quick, when you think of self-driving cars and trucks and other news of autonomous vehicles, what comes to mind? OK, maybe an unfair question today given the Waymo v Uber lawsuit trial that began yesterday. But most of us think in terms of passenger cars rather than industrial uses.

PwC worked on a study, and Bobby Bono, Carolyn Lee, and Todd Benigni, all of PwC, wrote a blog post, “Can you be a first mover in industrial mobility?”, discussing how investment in manufacturing is outdistancing investment in passenger vehicles.


When it comes to self-driving vehicles, passenger cars may grab most of the headlines, but they aren’t capturing most of the investment in the space. According to a PwC analysis, of the $6.8 billion raised by autonomous-transport startups since 2012, about 62% has gone to companies working on technology for vehicles ranging from drones to unmanned forklifts and tractor-trailers, all pieces of the larger ecosystem of industrial mobility.

Significantly, these investments in the pioneers of industrial mobility have been accelerating in recent years. From 2012 to 2014, companies working on automobiles received about as much investment ($660 million) as those building non-auto solutions ($702 million). But from 2015 to 2017, non-auto investment increased five-fold to $3.5 billion, while investment in companies working on tech for passenger cars rose a comparatively modest 188% to $1.9 billion.

Why does this matter? The rapid growth in capital pouring into startups working on industrial mobility reveals that hefty bets are being placed on the prospect that the impact of autonomous vehicles may well first be made more forcibly upon industrial applications – even as self-driving passenger cars continue to capture consumers’ imagination.

Attitudes toward self-driving trucks are a good example of this cautious approach. Nearly two-thirds of respondents in the survey said they’ll wait and see how the technology evolves before adopting it. That’s especially interesting, given that most all survey respondents estimated that autonomous trucks could slash transportation costs by up to 25%. In a nutshell: they see the potential, but aren’t quite ready to jump in.

Cost is arguably the most important factor keeping manufacturers on the sidelines. The high cost of autonomous technology was the most frequently cited barrier to adoption in our survey, with nearly six in 10 respondents identifying it as a hurdle. At the same time, 86% said advanced industrial mobility’s ability to deliver a cost advantage was among the factors most likely to prompt them to embrace the technology.

With investment in industrial mobility surging, it’s a fair bet that businesses may see autonomous technology’s value proposition start to seem more attractive (and proven) sooner rather than later. And, it only stands to reason that some early adopters – and the early-stage companies developing the technology they implement – will score a competitive edge while their peers loiter on the sidelines.

